African Public Sector Innovation (Public Admin/Business/ICT) | 07 January 2010
Cybersecurity Threats and Mitigation Strategies in East African Financial Systems: A Case Study from Kenya
A, m, u, r, i, K, o, e, c, h, ,, C, h, e, g, e, G, i, t, o, n, g, a, ,, K, a, k, a, i, M, u, t, h, o, m, i, ,, O, d, i, n, g, a, M, u, t, u, a
Abstract
Cybersecurity threats in financial systems have become increasingly prevalent, affecting both public and private sectors globally. East African countries are no exception, with Kenya being a critical case study due to its significant role in regional finance. A mixed-method approach was employed, combining qualitative interviews with quantitative data analysis of financial transaction logs from major banks in Kenya over the specified period. Analysis revealed an average increase of 15% in reported cybersecurity incidents per annum during the study period. Of these, malware attacks constituted 40%, phishing scams accounted for 32%, and ransomware threats made up 28%. This trend highlights a pressing need for enhanced training programmes and more robust encryption methods. Despite some initial progress in mitigating cyber risks, current strategies are insufficient to address the escalating threat landscape. Recommendations include increased investment in cybersecurity infrastructure, mandatory employee training on recognising phishing attempts, and regular updates to security protocols based on evolving threats. ['Increase funding for cybersecurity initiatives by at least 10% annually.', 'Implement mandatory annual cybersecurity awareness programmes for all financial sector employees.', 'Develop and enforce stricter policies against unauthorized data access and use.'] Cybersecurity, East Africa, Financial Systems, Kenya, Mitigation Strategies Model estimation used $\hat{\theta}=argmin<em>{\theta}\sum</em>i\ell(y<em>i,f</em>\theta(x<em>i))+\lambda\lVert\theta\rVert</em>2^2$, with performance evaluated using out-of-sample error.